CVE-2017-12197

It was found that libpam4j up to and including 1.8 did not properlyvalidate user accounts when authenticating. A user with a valid passwordfor a disabled account would be able to bypass security restrictions andpossibly access sensitive information.